For those of you who know me, Henry was my basset hound, and the fictitious name used during (ahem) special research. I'm a former intelligence officer, a professional analyst, and a blogger since 2004 writing about my experiences on the journey -- information security, cyber intelligence, education, thoughts. Some love my writings, others hate them. If you like it, follow me!

Thursday, July 01, 2004

The crowds seem to be slimming a bit today, presumably due to the happy hour hosted by the vendors last night, and the gameshow excitement generated by Mr. T during the follow-on hours. BOF sessions are numerous, and I would expect they're taking their toll on the attendees, who seem to want nothing more than sleep this morning. Unfortunately I missed the morning session due to heavy traffic coming into Boston (I've been commuting in from New Hampshire each day), but did have the opportunity to catch one of the more interesting topics of the week -- Open Source Flight Simulator. Having had experience looking at both aerial and satellite imagery, I was amazed at the level of detail provided by this package. OK, it had nothing to do with information security or system administration, but was nonetheless a fun topic. This afternoon is a set of UseLinux Refereed Papers, followed by a session on "System Administration/General" or "Deploying the Lustre Cluster File System". It actually makes me happy I've got a con call scheduled during that exact timeslot. This evening's session, however, looks to be fun -- the Super User Linux Group -- Usenix took the opportunity to invite any of the Linux folks in the local area to participate. All of the local user groups got invitations. Should be a blast. It'll be followed by a Linux BOF led by Mad Dog (can you imagine a guy calling himself Mad Dog, simply because he runs Linux?? There's gotta be more!)

Wednesday, June 30, 2004

I'm currently sitting in on an RSA talk about their concerns for privacy in the world of wireless, including what sounds like an all-encompassing world of everything from RFID to 802.XX. They contend that the government should legislate how the wireless data should be used and how it must be stored. Frankly, this "the sky is falling" idea that they're trying to push doesn't seem to be going over well with the audience. Three things come to issue in my mind...

- First, how much of the research (and resulting talks) were designed to thwart competition from companies that use combinations of authentication and RF proximity to figure out if bad guys are attempting to gain access to a company's (or consumer's) wireless networks?
- Second, how different is finding RF from shortwave listening? It sounds like they may be trying to re-eat a pre-digested elephant.
- Last, I'd be more interested in the security of the data after storage of data collected or passed via these networks. Is the database that manages the RFID inventory and consumer preferences at your local grocery store safe enough to handle your consumer preferences?

It seems the audience has the RSA panel on the ropes... glad I'm not sitting up there.

GEER VS CHARNEY

Good matchup. Unfortunately, no blood, no sweat, no cage. The two were very professional. The audience was as well. Opening statements started off with Dan reading what I assumed was his paper on the monoculture of IT being a national security issue. Charney kicked off talking about his background in the Bronx with follow-on at Justice.

The two offered very good perspectives of each side of their respective coins. Good arguments from both sides. It seemed the audience, when given the opportunity to ask questions, were more interested in jumping into the debate. Great job keeping them at bay by the moderator -- with the exception of Dan's co-author... who was debating anyway??

Regardless, the debate left the audience debating well into happy hour. Great job.

Tuesday, June 29, 2004

Great talk today by Eliot Lear from Cisco entitled "Network Complexity: How do I manage all of this?" Eliot discussed things like network discovery and the issues associated with finding devices into the high number range (10^8 devices for expanding enterprises, for example), fault management, workflow management, and commonalities of requirements for devices that can handle these problems. Identity Management, as expected, was included in the discussion, and the problem of "consumers awash in keys"... great stuff. Nice job Eliot!

Monday, June 28, 2004

Had the opportunity to sit in on three rather interesting sessions today: First was prioritizing e-mail (Spam killing). Three guys, formerly of HP Labs, discussed creating rules to predict (with relative certainty) which messages are spam, and which aren't. One criticism, however: before going public, it'd be good to see more than one dataset. The tests run by this team were run using log data from HP Labs. It'd be interesting to see several commercial test cases. The tests were evidently run using collected log data from two months of traffic, but no outside datasets were run.

Next, sat in on a session entitled "Swimming in a Sea of Data", where a man with a very thick accent spoke softly into a mic, and so fast he couldn't be understood even IF he spoke into the mic. I left fifteen minutes into the preso.

System Administration: The big picture. Here, a panel of three gentlemen discussed a vision for standardizing practices by system administrators. The analogy is this: an electrician must wire houses by code. The Electrical Engineer writes the code. Why then can't sysadmins have a code which they must follow without question? System Engineers would write the code. Good question. Speaking of questions, we had 35 minutes to ask questions. The first? How can we assess system administrators? Next, why are so many companies outsourcing? (Somebody pull the stick out of my eye!) Other than that? Good talk.

It's 4PM. I'm outa here for the day. Tomorrow morning is the Cisco talk which also looks pretty good. Wednesday should be a blast: Dan Geer vs. Scott Charney in a cage match to the death!

Checked in today to get my ticket for the rest of the conference and attend Orientation. After check-in, I had a couple of minutes to kill before the orientation session kicked off. I decided to check e-mail. Within seconds of sitting down, I was approached by an unemployed sysadmin who had been out of work for nearly three years (I would presume his skills are a bit rusty?), and received a fifteen minute one-way discussion on why Sysadmin outsourcing sucks (man).